How to set up Postfix active-active with PCS

Running Postfix on multiple nodes keeps SMTP intake available during maintenance and reduces the impact of a single-node failure when paired with a load balancer or multiple MX targets.

In a Pacemaker cluster managed by pcs, Postfix can be registered as a systemd resource and then cloned so an instance runs on each eligible node. The cluster monitors the resource and restarts it on failure, while inbound traffic distribution remains the responsibility of DNS or a separate load balancer.

Active-active does not merge mail queues; each node keeps its own queue under /var/spool/postfix, so messages queued on a failed node remain delayed until that node returns. Keep configuration, TLS certificates, and maps consistent across nodes, and ensure every node selected by the load balancer or MX records allows inbound connections on TCP port 25.

Steps to set up Postfix active-active with PCS:

Confirm the cluster is online with quorum.

$ sudo pcs status
Cluster name: clustername
Cluster Summary:
  * Stack: corosync (Pacemaker is running)
  * Current DC: node-01 (version 2.1.6-6fdc9deea29) - partition with quorum
  * Last updated: Thu Jan  1 04:43:45 2026 on node-01
  * Last change:  Thu Jan  1 04:43:43 2026 by root via cibadmin on node-01
  * 3 nodes configured
  * 0 resource instances configured

Node List:
  * Online: [ node-01 node-02 node-03 ]

Full List of Resources:
  * No resources

Daemon Status:
  corosync: active/enabled
  pacemaker: active/enabled
  pcsd: active/enabled

Identify the Postfix service unit name.

$ systemctl list-unit-files --type=service | grep -E '^postfix\.service'
postfix.service                              disabled        enabled

Disable the Postfix unit in systemd on every cluster node.

$ sudo systemctl disable --now postfix
Synchronizing state of postfix.service with SysV service script with /usr/lib/systemd/systemd-sysv-install.
Executing: /usr/lib/systemd/systemd-sysv-install disable postfix
Synchronizing state of postfix.service with SysV service script with /usr/lib/systemd/systemd-sysv-install.
Executing: /usr/lib/systemd/systemd-sysv-install disable postfix
Synchronizing state of postfix.service with SysV service script with /usr/lib/systemd/systemd-sysv-install.
Executing: /usr/lib/systemd/systemd-sysv-install disable postfix

Stopping Postfix interrupts SMTP intake on that node until the cloned resource is started by the cluster.

Create the Postfix service resource.

$ sudo pcs resource create postfix_service systemd:postfix op monitor interval=30s

Clone the Postfix service resource across nodes.
```
$ sudo pcs resource clone postfix_service meta clone-max=2 clone-node-max=1
```
clone-node-max=1 prevents multiple instances from running on a single node.

Related: How to create a cloned resource in Pacemaker
Related: How to set Pacemaker clone resource options

Verify the cloned resource status.

$ sudo pcs status resources
  * Clone Set: postfix_service-clone [postfix_service]:
    * Started: [ node-01 node-02 ]

Check that Postfix is listening on TCP port 25 on each active node.

$ sudo ss -lntp | grep ':25 '
LISTEN 0      100          0.0.0.0:25         0.0.0.0:*    users:(("master",pid=186259,fd=13))
LISTEN 0      100             [::]:25            [::]:*    users:(("master",pid=186259,fd=14))

A restricted inet_interfaces setting can bind Postfix to a specific address instead of 0.0.0.0.

Update client routing to distribute inbound SMTP across active nodes.

Load balancers commonly use a TCP connect or SMTP banner check on 25 for health.

Related: How to plan traffic distribution for active-active PCS services
Perform a failover test using the active-active routing configuration.

Maintenance and failover tests can terminate in-flight SMTP sessions and temporarily increase delivery latency.

Related: How to run a Pacemaker failover test with PCS